<?php
session_start();
include_once "lib/config.php";
include_once "lib/pdomanager.php";

include_once "lib/functions.php";

// Copy the connection settings into the static DB wrapper, then open the connection.
// NOTE(review): the constants are presumably defined in lib/config.php; confirm that
// file cannot be fetched directly over HTTP, because it holds the database credentials.
$dbSettings = array(
    'dbname'     => DBNAME,
    'hostname'   => HOST,
    'dbusername' => USERNAME,
    'dbpassword' => PASSWORD,
    'dbtype'     => TYPE,
    'portnumber' => PORTNUMBER,
);

foreach ($dbSettings as $dbProperty => $dbValue) {
    // Variable static property: assigns DB::$dbname, DB::$hostname, ...
    DB::$$dbProperty = $dbValue;
}

// Do not leave the credentials in the global scope of the template below.
unset($dbSettings, $dbProperty, $dbValue);

DB::connect();

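/**
 * Build a random lowercase alphanumeric string (characters 0-9 and a-z).
 *
 * The result is used as the captcha challenge on this page, so the characters
 * are drawn from the CSPRNG when one is available. array_rand(), which the
 * function used before, is not meant for security-relevant values.
 *
 * @param int $length Number of characters to generate; zero or a negative
 *                    value yields an empty string.
 *
 * @return string The generated string.
 */
function random_string($length) {
    $alphabet = '0123456789abcdefghijklmnopqrstuvwxyz';
    $lastIndex = strlen($alphabet) - 1;
    $length = (int) $length;
    $key = '';

    for ($i = 0; $i < $length; $i++) {
        // random_int() exists from PHP 7.0; keep a fallback so older runtimes still work.
        $index = function_exists('random_int')
            ? random_int(0, $lastIndex)
            : mt_rand(0, $lastIndex);
        $key .= $alphabet[$index];
    }

    return $key;
}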


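// ---------------------------------------------------------------------------
// Login handling.
//
// Flow: an already authenticated session is sent to the dashboard; otherwise a
// posted user code is checked (captcha first, once one has been issued), and a
// captcha is issued after three failed attempts.
// ---------------------------------------------------------------------------

// Per-session counter of failed sign-in attempts; it decides when a captcha is shown.
// NOTE(review): the counter lives in the visitor's own session, so it restarts at
// zero whenever the client presents a new session. Throttling keyed on the account
// or the source address would have to be enforced on the server side.
if (!isset($_SESSION['login_attempt_emp']) || !is_numeric($_SESSION['login_attempt_emp'])) {
    $_SESSION['login_attempt_emp'] = 0;
}

// Already signed in: nothing to do on this page.
if (isset($_SESSION['type_id']) && $_SESSION['type_id'] != "") {
    header("Location:dashboard.php");
    exit();
}

// Read the posted fields defensively: a missing field or an array value
// (data[ecode][]=x) is treated as an empty string instead of reaching trim()/md5().
$postedData     = (isset($_POST['data']) && is_array($_POST['data'])) ? $_POST['data'] : array();
$postedEcode    = (isset($postedData['ecode']) && is_string($postedData['ecode'])) ? $postedData['ecode'] : '';
$postedPassword = (isset($postedData['password']) && is_string($postedData['password'])) ? $postedData['password'] : '';
$postedCaptcha  = (isset($postedData['captcha']) && is_string($postedData['captcha'])) ? $postedData['captcha'] : '';

if ($postedEcode !== '') {
    $captchaRequired = isset($_SESSION['captcha']) && $_SESSION['captcha'] != "";

    // Strict string comparison: with "==" two numeric-looking strings are compared
    // as numbers, so e.g. "100" would match a challenge of "00000100".
    if ($captchaRequired && $postedCaptcha !== (string) $_SESSION['captcha']) {
        $_SESSION['login_attempt_emp']++;
        $msg = "Please enter correct captcha!";
    } else {
        // SECURITY(review): passwords are matched as unsalted MD5 digests. That
        // scheme should be replaced by password_hash()/password_verify(); it is
        // left unchanged here because the values stored in users.password have to
        // be migrated in the same step.
        $selectquery = "select users.id,user_types.id as usertype_id,status from users,user_types where email_id=:email_id and password=:password and users.type_id=user_types.id";
        $bindarray = array(
            ":email_id" => trim($postedEcode),
            ":password" => md5(trim($postedPassword)),
        );
        $res_query = DB::fetch_array(DB::query($selectquery, $bindarray));

        if (is_array($res_query) && count($res_query) > 0) {
            // The two former copies of this branch tested status as "0" and as 0;
            // one string comparison keeps the result independent of the captcha state.
            if ((string) $res_query[0]['status'] === '0') {
                $msg = "Your status is made inactive, Please contact to your Admin!";
            } else {
                // Issue a fresh session id on privilege change so an id that was
                // known before authentication cannot be reused afterwards.
                session_regenerate_id(true);

                $_SESSION['login_attempt_emp'] = 0;
                $_SESSION['type_id'] = $res_query[0]['usertype_id'];
                $_SESSION['u_id'] = $res_query[0]['id'];

                // NOTE(review): only successful logins are written to stafflog;
                // failed attempts leave no audit record in this script.
                $insertarray = array(
                    "staff_id" => $res_query[0]['id'],
                    "action"   => "Login",
                    "logtime"  => time(),
                );
                DB::insertData("stafflog", $insertarray);

                unset($_SESSION['captcha']);
                header("Location:dashboard.php");
                exit();
            }
        } else {
            $_SESSION['login_attempt_emp']++;
            $msg = "Please enter valid user code & password for seleted user type!";
        }
    }
}

// From the third failure on, every page load issues a new challenge.
// NOTE(review): the form below prints the challenge as plain text inside #cap,
// so it is readable by any client that parses the page; treat it as a speed
// bump, not as bot protection.
if ($_SESSION['login_attempt_emp'] >= 3) {
    $_SESSION['captcha'] = random_string(8);
}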

?>
<!DOCTYPE html>
<html lang="en">
<head>
	
	<meta charset="utf-8">
	<title>Allyfolio Admin Portal</title>
	

	<!-- The styles -->
	<link id="bs-css" href="css/bootstrap-cerulean.css" rel="stylesheet">
	<style type="text/css">
	  body {
		padding-bottom: 40px;
		font-family:arial !important;
	  }
	  .sidebar-nav {
		padding: 9px 0;
	  }
	</style>
	<link href="css/bootstrap-responsive.css" rel="stylesheet">
	<link href="css/charisma-app.css" rel="stylesheet">
	<style>
	.submit-green {
background: url(images/submit-green-bg.gif) top left repeat-x;
border: 0;
border-top: 1px solid #6bd091;
border-left: 1px solid #6bd091;
border-right: 1px solid #349c5c;
border-bottom: 1px solid #349c5c;
color: #ffffff;
font-size: 14px;
padding: 2px 12px;
margin: 0px 10px 0 0;
cursor: pointer;
}
</style>
	
 <link rel="stylesheet" href="alertify/themes/alertify.core.css" />
 <link rel="stylesheet" href="alertify/themes/alertify.default.css" id="toggleCSS" />
 <script src="alertify/lib/alertify.min.js"></script>	
 <script src="js/jquery-1.3.2.min.js" ></script>
</head>

<body style="">
		<div class="container-fluid">
		<div class="row-fluid">
		
			<div class="row-fluid">
				<div class="span12 center login-header">
					<h2 style="font-family: aria">Welcome to Allyfolio Admin Panel</h2>
				</div><!--/span-->
			</div><!--/row-->
			
			<div class="row-fluid">
				<div class="well span5 center login-box">
					
					<?php if(isset($msg) && $msg!=""){ ?>
					<div class="alert alert-info" style="background-color: #ffc6ca;border-color: #efb9c3;color:red;">
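						 <?php /* Encode on output: the text contains "&", and escaping keeps the alert safe if a message ever carries request data. */ echo htmlspecialchars($msg, ENT_QUOTES, 'UTF-8'); ?>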
					</div>
					<?php
					}
					else
					{
						?>
						<div  class="alert alert-info" style="background-color: #edebe1;border-color: #e0d9cb;color:#817b58">Please login with your Username and Password.</div>
						<?php
					}
					?>
					<form class="form-horizontal" method="post" onsubmit="return validfrm();">
						<fieldset>
							
							<div class="input-prepend" title="Emp Code" data-rel="tooltip">
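								<span class="add-on"><i class="icon-user"></i></span><input autofocus class="input-large span10" name="data[ecode]" id="username" type="text"  placeholder="Username" value="<?php /* Request data goes back into an attribute: encode it, otherwise a quote in the value breaks out of the attribute (reflected XSS). */ if(isset($_POST['data']['ecode']) && is_string($_POST['data']['ecode'])){ echo htmlspecialchars($_POST['data']['ecode'], ENT_QUOTES, 'UTF-8'); }?>"/>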
							</div>
							<div class="clearfix"></div>

							<div class="input-prepend" title="Password" data-rel="tooltip">
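								<span class="add-on"><i class="icon-lock"></i></span><input class="input-large span10" name="data[password]" id="password" type="password" placeholder="Password" value=""/><?php /* The submitted password is deliberately not echoed back: it would appear in clear text in the page source and was written into the attribute unescaped. */ ?>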
							</div>
							<div class="clearfix"></div>
							
							<?php
							if(isset($_SESSION['captcha']) && $_SESSION['captcha']!="")
							{
							?>
							<div class="input-prepend" style="width: 180px;">
								<table cellpadding="2" width="100%" border="0" cellspacing="2">
									<tr>
										<td width=""><div style="padding:10px;background:#d3d3d3;color:#35AA47;width:125px;font-family:Helvetica, sans-serif;font-weight:bold;text-align:center" id="cap">
									<i><?php echo $_SESSION['captcha']; ?></i>
								</div>
										</td>
										<td>
											<img src="images/refresh.png" onclick="change_captcha();" style="cursor:pointer">
										</td>
									</tr>
									<tr>
										<td colspan="2"><input type="text" class="input-large span10" placeholder="captcha" tabindex="1" id="Captcha" name="data[captcha]" style="width:180px" /></td>
									</tr>
								</table>
								
							</div>
							<?php
							}
							?>
							<p class="center span5">
							<button type="submit" class="submit-green">&nbsp;&nbsp;Login&nbsp;&nbsp;</button>
							</p>
						</fieldset>
					</form>
				</div><!--/span-->
			</div><!--/row-->
				</div><!--/fluid-row-->
		
	</div><!--/.fluid-container-->

		
</body>
</html>
<script>
/*
 * Client-side check wired to the login form's onsubmit handler.
 * Returns false (which cancels the submit) when a required field is empty and
 * falls off the end otherwise, so the form is posted.
 * This is a usability aid only: it runs in the browser and can be skipped, so
 * the PHP at the top of this page must keep doing its own checks.
 */
function validfrm()
{
	// Username is required.
	if(document.getElementById("username").value=="")
	{
		alertify.alert("Please enter username");
		document.getElementById("username").focus();
		return false;
	}
	// Password is required.
	else if(document.getElementById("password").value=="")
	{
		alertify.alert("Please enter password");
		document.getElementById("password").focus();
		return false;
	}
	<?php
	if(isset($_SESSION['captcha']) && $_SESSION['captcha']!="")
	{
	?>
	// Emitted by the server only while a captcha is stored in the session.
	else if(document.getElementById("Captcha").value=="")
	{
		alertify.alert("Captcha required");
		document.getElementById("Captcha").focus();
		return false;
	}
	<?php
	}
	?>
}
/*
 * Asks ajax_captcha.php for a new challenge and shows it in the #cap element.
 * NOTE(review): the response is inserted with .html(), i.e. parsed as markup.
 * If ajax_captcha.php returns only the challenge text, .text() would be the
 * safer call; confirm against that script before changing it.
 */
function change_captcha()
{
	var showChallenge = function( data ) {
		$( "#cap" ).html( data);
	};

	$.ajax({
		url: "ajax_captcha.php",
		success: showChallenge
	});
}
</script>
